Diffstat (limited to 'g10')
-rw-r--r-- | g10/card-util.c | 2 | ||||
-rw-r--r-- | g10/compress.c | 28 | ||||
-rw-r--r-- | g10/filter.h | 7 | ||||
-rw-r--r-- | g10/getkey.c | 21 | ||||
-rw-r--r-- | g10/gpg.c | 5 | ||||
-rw-r--r-- | g10/import.c | 6 | ||||
-rw-r--r-- | g10/keydb.h | 8 | ||||
-rw-r--r-- | g10/keyedit.c | 2 | ||||
-rw-r--r-- | g10/keylist.c | 15 | ||||
-rw-r--r-- | g10/mainproc.c | 63 | ||||
-rw-r--r-- | g10/options.h | 4 | ||||
-rw-r--r-- | g10/packet.h | 2 | ||||
-rw-r--r-- | g10/passphrase.c | 5 | ||||
-rw-r--r-- | g10/pkclist.c | 2 | ||||
-rw-r--r-- | g10/revoke.c | 2 |
15 files changed, 117 insertions, 55 deletions
diff --git a/g10/card-util.c b/g10/card-util.c index ffb94dae4..587f181f2 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -633,7 +633,7 @@ current_card_status (ctrl_t ctrl, estream_t fp, { tty_fprintf (fp, " created ....: %s\n", isotimestamp (info.fpr3time)); - print_keygrip (fp, info.grp2); + print_keygrip (fp, info.grp3); } tty_fprintf (fp, "General key info..: "); diff --git a/g10/compress.c b/g10/compress.c index 61bb756f2..e7a6f2b11 100644 --- a/g10/compress.c +++ b/g10/compress.c @@ -309,15 +309,19 @@ int handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd, int (*callback)(IOBUF, void *), void *passthru ) { - compress_filter_context_t *cfx; int rc; if(check_compress_algo(cd->algorithm)) return GPG_ERR_COMPR_ALGO; - cfx = xmalloc_clear (sizeof *cfx); - cfx->release = release_context; - cfx->algo = cd->algorithm; - push_compress_filter(cd->buf,cfx,cd->algorithm); + if(cd->algorithm) { + compress_filter_context_t *cfx; + + cfx = xmalloc_clear (sizeof *cfx); + cfx->release = release_context; + cfx->algo = cd->algorithm; + if (push_compress_filter(cd->buf, cfx, cd->algorithm)) + xfree (cfx); + } if( callback ) rc = callback(cd->buf, passthru ); else @@ -326,16 +330,20 @@ handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd, return rc; } -void +gpg_error_t push_compress_filter(IOBUF out,compress_filter_context_t *zfx,int algo) { - push_compress_filter2(out,zfx,algo,0); + return push_compress_filter2(out,zfx,algo,0); } -void + +/* Push a compress filter and return 0 if that succeeded. */ +gpg_error_t push_compress_filter2(IOBUF out,compress_filter_context_t *zfx, int algo,int rel) { + gpg_error_t err = gpg_error (GPG_ERR_FALSE); + if(algo>=0) zfx->algo=algo; else 
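Review bot: The new comment on `push_compress_filter2` says only "return 0 if that succeeded" and omits the rule both updated callers depend on: a non-zero result means no filter was pushed and `zfx` was not handed to the iobuf, so a caller that allocated it must free it. I would state that, e.g. `/* Push a compress filter. Returns 0 if a filter was pushed; otherwise GPG_ERR_FALSE and the caller keeps ownership of ZFX. */`, and repeat it on `push_compress_filter`. The `xfree (cfx)` added in `handle_compressed` here and in `read_block` (import.c) follows that rule. Callers not shown in this diff that allocate a context and ignore the new return value would presumably still leak it, so they are worth checking. The body of `push_compress_filter2` continues in the next hunk.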
@@ -350,16 +358,20 @@ push_compress_filter2(IOBUF out,compress_filter_context_t *zfx, case COMPRESS_ALGO_ZIP: case COMPRESS_ALGO_ZLIB: iobuf_push_filter2(out,compress_filter,zfx,rel); + err = 0; break; #endif #ifdef HAVE_BZIP2 case COMPRESS_ALGO_BZIP2: iobuf_push_filter2(out,compress_filter_bz2,zfx,rel); + err = 0; break; #endif default: BUG(); } + + return err; } diff --git a/g10/filter.h b/g10/filter.h index cd177f4a4..6daf273fa 100644 --- a/g10/filter.h +++ b/g10/filter.h @@ -177,9 +177,10 @@ void unarmor_pump_release (UnarmorPump x); int unarmor_pump (UnarmorPump x, int c); /*-- compress.c --*/ -void push_compress_filter(iobuf_t out,compress_filter_context_t *zfx,int algo); -void push_compress_filter2(iobuf_t out,compress_filter_context_t *zfx, - int algo,int rel); +gpg_error_t push_compress_filter (iobuf_t out, compress_filter_context_t *zfx, + int algo); +gpg_error_t push_compress_filter2 (iobuf_t out,compress_filter_context_t *zfx, + int algo, int rel); /*-- cipher.c --*/ int cipher_filter_cfb (void *opaque, int control, diff --git a/g10/getkey.c b/g10/getkey.c index 445e8a6a1..1120e883e 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -4136,15 +4136,20 @@ get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk, *********************************************/ /* Return a string with a printable representation of the user_id. - * this string must be freed by xfree. */ + * this string must be freed by xfree. If R_NOUID is not NULL it is + * set to true if a user id was not found; otherwise to false. */ static char * -get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) +get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len, + int *r_nouid) { user_id_db_t r; keyid_list_t a; int pass = 0; char *p; + if (r_nouid) + *r_nouid = 0; + /* Try it two times; second pass reads from the database. */ do { 
@@ -4191,6 +4196,8 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) else p = xasprintf ("%s [?]", keystr (keyid)); + if (r_nouid) + *r_nouid = 1; if (r_len) *r_len = strlen (p); return p; @@ -4200,7 +4207,7 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) char * get_user_id_string_native (ctrl_t ctrl, u32 * keyid) { - char *p = get_user_id_string (ctrl, keyid, 0, NULL); + char *p = get_user_id_string (ctrl, keyid, 0, NULL, NULL); char *p2 = utf8_to_native (p, strlen (p), 0); xfree (p); return p2; @@ -4210,15 +4217,15 @@ get_user_id_string_native (ctrl_t ctrl, u32 * keyid) char * get_long_user_id_string (ctrl_t ctrl, u32 * keyid) { - return get_user_id_string (ctrl, keyid, 1, NULL); + return get_user_id_string (ctrl, keyid, 1, NULL, NULL); } /* Please try to use get_user_byfpr instead of this one. */ char * -get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn) +get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid) { - return get_user_id_string (ctrl, keyid, 2, rn); + return get_user_id_string (ctrl, keyid, 2, rn, r_nouid); } @@ -4227,7 +4234,7 @@ char * get_user_id_native (ctrl_t ctrl, u32 *keyid) { size_t rn; - char *p = get_user_id (ctrl, keyid, &rn); + char *p = get_user_id (ctrl, keyid, &rn, NULL); char *p2 = utf8_to_native (p, rn, 0); xfree (p); return p2; @@ -429,6 +429,7 @@ enum cmd_and_opt_values oSender, oKeyOrigin, oRequestOrigin, + oNoSymkeyCache, oNoop }; @@ -902,6 +903,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"), ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"), + ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"), /* Dummy options with warnings. */ ARGPARSE_s_n (oUseAgent, "use-agent", "@"), 
@@ -3624,6 +3626,7 @@ main (int argc, char **argv) break; case oNoAutostart: opt.autostart = 0; break; + case oNoSymkeyCache: opt.no_symkey_cache = 1; break; case oDefaultNewKeyAlgo: opt.def_new_key_algo = pargs.r.ret_str; @@ -5214,7 +5217,7 @@ g10_exit( int rc ) /* If we had an error but not printed an error message, do it now. * Note that write_status_failure will never print a second failure * status line. */ - if (log_get_errorcount (0)) + if (rc) write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL)); gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); diff --git a/g10/import.c b/g10/import.c index ed679d5c0..9fc769df9 100644 --- a/g10/import.c +++ b/g10/import.c @@ -767,7 +767,7 @@ valid_keyblock_packet (int pkttype) * Meta data (ring trust packets) are only considered of WITH_META is set. * PENDING_PKT should be initialized to NULL and not changed by the caller. * Return: 0 = okay, -1 no more blocks or another errorcode. - * The int at at R_V3KEY counts the number of unsupported v3 + * The int at R_V3KEY counts the number of unsupported v3 * keyblocks. */ static int @@ -856,7 +856,9 @@ read_block( IOBUF a, int with_meta, { compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx ); pkt->pkt.compressed->buf = NULL; - push_compress_filter2(a,cfx,pkt->pkt.compressed->algorithm,1); + if (push_compress_filter2 (a, cfx, + pkt->pkt.compressed->algorithm, 1)) + xfree (cfx); /* e.g. in case of compression_algo NONE. */ } free_packet (pkt, &parsectx); init_packet(pkt); diff --git a/g10/keydb.h b/g10/keydb.h index 69365793c..c65af0204 100644 --- a/g10/keydb.h +++ b/g10/keydb.h 
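Review bot: The comment above the changed condition in `g10_exit` still reads "If we had an error but not printed an error message", which described `log_get_errorcount (0)`; with `if (rc)` the FAILURE line now depends only on the exit code passed in. I would reword it, e.g. `/* Emit a FAILURE status line for an explicit non-zero RC; errors only counted by the logger no longer trigger one. */`. If the final exit code is still derived from the error count later in the function (outside this hunk), a run can exit non-zero without any FAILURE line, and consumers of the status output should be told that.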
@@ -405,10 +405,10 @@ void setup_main_keyids (kbnode_t keyblock); data structures. */ void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock); -char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid); -char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid); -char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn); -char*get_user_id_native (ctrl_t ctrl, u32 *keyid); +char *get_user_id_string_native (ctrl_t ctrl, u32 *keyid); +char *get_long_user_id_string (ctrl_t ctrl, u32 *keyid); +char *get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid); +char *get_user_id_native (ctrl_t ctrl, u32 *keyid); char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn); char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr); diff --git a/g10/keyedit.c b/g10/keyedit.c index 3d4418ead..00b4e7280 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -264,7 +264,7 @@ keyedit_print_one_sig (ctrl_t ctrl, estream_t fp, else { size_t n; - char *p = get_user_id (ctrl, sig->keyid, &n); + char *p = get_user_id (ctrl, sig->keyid, &n, NULL); tty_print_utf8_string2 (fp, p, n, opt.screen_columns - keystrlen () - 26 - ((opt. diff --git a/g10/keylist.c b/g10/keylist.c index bcbad450a..1f501fc97 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -1182,7 +1182,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, else if (!opt.fast_list_mode) { size_t n; - char *p = get_user_id (ctrl, sig->keyid, &n); + char *p = get_user_id (ctrl, sig->keyid, &n, NULL); print_utf8_buffer (es_stdout, p, n); xfree (p); } @@ -1553,6 +1553,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, byte fparray[MAX_FINGERPRINT_LEN]; char *siguid; size_t siguidlen; + char *issuer_fpr = NULL; if (sig->sig_class == 0x20 || sig->sig_class == 0x28 || sig->sig_class == 0x30) 
@@ -1610,11 +1611,16 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, else { rc = 0; - sigrc = ' '; + sigrc = ' '; /* Note the fix-up below in --list-sigs mode. */ } if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode) - siguid = get_user_id (ctrl, sig->keyid, &siguidlen); + { + int nouid; + siguid = get_user_id (ctrl, sig->keyid, &siguidlen, &nouid); + if (!opt.check_sigs && nouid) + sigrc = '?'; /* No key in local keyring. */ + } else { siguid = NULL; @@ -1653,6 +1659,8 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, for (i = 0; i < fplen; i++) es_fprintf (es_stdout, "%02X", fparray[i]); } + else if ((issuer_fpr = issuer_fpr_string (sig))) + es_fputs (issuer_fpr, es_stdout); es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo); @@ -1661,6 +1669,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, /* fixme: check or list other sigs here */ xfree (siguid); + xfree (issuer_fpr); } } diff --git a/g10/mainproc.c b/g10/mainproc.c index 1af89c501..69de865e7 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1307,7 +1307,7 @@ list_node (CTX c, kbnode_t node) } else if (!opt.fast_list_mode) { - p = get_user_id (c->ctrl, sig->keyid, &n); + p = get_user_id (c->ctrl, sig->keyid, &n, NULL); es_write_sanitized (es_stdout, p, n, opt.with_colons?":":NULL, NULL ); xfree (p); 
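Review bot: In the `nouid` case of `list_keyblock_colon`, `sigrc` becomes `'?'` but `siguid` keeps the string `get_user_id` returned, whereas the existing `else` branch for `'?'` sets `siguid = NULL`. If the user-ID field is printed from `siguid` further down (outside this hunk), a `?` record from list-sigs mode would carry a placeholder name while one from check-sigs mode would not. If that difference is not intended, release the string there: `{ sigrc = '?'; xfree (siguid); siguid = NULL; siguidlen = 0; }`.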
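Review bot: The fingerprint written by the new `else if` branch comes from `issuer_fpr_string (sig)`, that is from the issuer-fingerprint subpacket of the signature itself, while the `fparray` branch above it is presumably filled from the key used for the check. A reader of the colon listing cannot tell the two apart, and in list-sigs mode the signature has not been verified at all. A comment at the branch should say so, for example `/* No key available: print the fingerprint claimed by the signature's ISSUER_FPR subpacket (not verified). */`.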
@@ -1710,21 +1710,40 @@ akl_has_wkd_method (void) } -/* Return the ISSUER fingerprint string in human readbale format if - * available. Caller must release the string. */ -static char * -issuer_fpr_string (PKT_signature *sig) +/* Return the ISSUER fingerprint buffer and its lenbgth at R_LEN. + * Returns NULL if not available. The returned buffer is valid as + * long as SIG is not modified. */ +static const byte * +issuer_fpr_raw (PKT_signature *sig, size_t *r_len) { const byte *p; size_t n; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n); if (p && n == 21 && p[0] == 4) - return bin2hex (p+1, n-1, NULL); + { + *r_len = n - 1; + return p+1; + } + *r_len = 0; return NULL; } +/* Return the ISSUER fingerprint string in human readbale format if + * available. Caller must release the string. */ +/* FIXME: Move to another file. */ +char * +issuer_fpr_string (PKT_signature *sig) +{ + const byte *p; + size_t n; + + p = issuer_fpr_raw (sig, &n); + return p? bin2hex (p, n, NULL) : NULL; +} + + static void print_good_bad_signature (int statno, const char *keyid_str, kbnode_t un, PKT_signature *sig, int rc) @@ -1761,7 +1780,7 @@ check_sig_and_print (CTX c, kbnode_t node) int rc; int is_expkey = 0; int is_revkey = 0; - char *issuer_fpr; + char *issuer_fpr = NULL; PKT_public_key *pk = NULL; /* The public key for the signature or NULL. */ int tried_ks_by_fpr; @@ -1888,13 +1907,14 @@ check_sig_and_print (CTX c, kbnode_t node) write_status_text (STATUS_NEWSIG, NULL); astr = openpgp_pk_algo_name ( sig->pubkey_algo ); - if ((issuer_fpr = issuer_fpr_string (sig))) + issuer_fpr = issuer_fpr_string (sig); + + if (issuer_fpr) { log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp)); log_info (_(" using %s key %s\n"), astr? astr: "?", issuer_fpr); - xfree (issuer_fpr); } else if (!keystrlen () || keystrlen () > 8) { 
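Review bot: `issuer_fpr_raw` writes `*r_len` unconditionally and accepts only a 21-byte subpacket whose first byte is 4, but its comment documents neither and contains the typo "lenbgth" ("readbale" is also carried over into the comment on `issuer_fpr_string`). The comment should say that R_LEN must not be NULL, that it is set to 0 when NULL is returned, and that only a v4 fingerprint (version octet plus 20 bytes) is accepted. A one-line remark on the test itself, such as `/* version octet 4 + 20 byte SHA-1 fingerprint */` next to `n == 21 && p[0] == 4`, would make the check easier to audit.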
@@ -2001,14 +2021,14 @@ check_sig_and_print (CTX c, kbnode_t node) const byte *p; size_t n; - p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n); - if (p && n == 21 && p[0] == 4) + p = issuer_fpr_raw (sig, &n); + if (p) { /* v4 packet with a SHA-1 fingerprint. */ free_public_key (pk); pk = NULL; glo_ctrl.in_auto_key_retrieve++; - res = keyserver_import_fprint (c->ctrl, p+1, n-1, opt.keyserver, 1); + res = keyserver_import_fprint (c->ctrl, p, n, opt.keyserver, 1); tried_ks_by_fpr = 1; glo_ctrl.in_auto_key_retrieve--; if (!res) @@ -2375,22 +2395,23 @@ check_sig_and_print (CTX c, kbnode_t node) } else { - char buf[50]; - - snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d", - (ulong)sig->keyid[0], (ulong)sig->keyid[1], - sig->pubkey_algo, sig->digest_algo, - sig->sig_class, (ulong)sig->timestamp, gpg_err_code (rc)); - write_status_text (STATUS_ERRSIG, buf); + write_status_printf (STATUS_ERRSIG, "%08lX%08lX %d %d %02x %lu %d %s", + (ulong)sig->keyid[0], (ulong)sig->keyid[1], + sig->pubkey_algo, sig->digest_algo, + sig->sig_class, (ulong)sig->timestamp, + gpg_err_code (rc), + issuer_fpr? issuer_fpr:"-"); if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) { - buf[16] = 0; - write_status_text (STATUS_NO_PUBKEY, buf); + write_status_printf (STATUS_NO_PUBKEY, "%08lX%08lX", + (ulong)sig->keyid[0], (ulong)sig->keyid[1]); } if (gpg_err_code (rc) != GPG_ERR_NOT_PROCESSED) log_error (_("Can't check signature: %s\n"), gpg_strerror (rc)); } + free_public_key (pk); + xfree (issuer_fpr); return rc; } diff --git a/g10/options.h b/g10/options.h index f186225c6..dab6e9f8b 100644 --- a/g10/options.h +++ b/g10/options.h @@ -249,7 +249,7 @@ struct unsigned int allow_weak_digest_algos:1; unsigned int large_rsa:1; unsigned int disable_signer_uid:1; - /* Flag to enbale experimental features from RFC4880bis. */ + /* Flag to enable experimental features from RFC4880bis. */ unsigned int rfc4880bis:1; } flags; 
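Review bot: `STATUS_ERRSIG` gains a seventh field here (the issuer fingerprint, or `-`), which changes a machine-readable line that front ends parse. A short comment above the call listing the fields, e.g. `/* ERRSIG <keyid> <pkalgo> <hashalgo> <sigclass> <time> <rc> <fpr or "-"> */`, would keep the format visible next to the code; the status-line documentation lives outside g10 and is not in this diffstat, so it should be checked too. Separately, `issuer_fpr` and `pk` are now released only at the final `return rc;`. Most of `check_sig_and_print` lies outside these hunks, so any other return after the `issuer_fpr_string` call would need the same cleanup.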
@@ -282,6 +282,8 @@ struct int unwrap_encryption; int only_sign_text_ids; + + int no_symkey_cache; /* Disable the cache used for --symmetric. */ } opt; /* CTRL is used to keep some global variables we currently can't diff --git a/g10/packet.h b/g10/packet.h index 4f4569f66..e8397eaee 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -620,6 +620,8 @@ int proc_signature_packets_by_fd (ctrl_t ctrl, int proc_encryption_packets (ctrl_t ctrl, void *ctx, iobuf_t a); int list_packets( iobuf_t a ); +char *issuer_fpr_string (PKT_signature *sig); + /*-- parse-packet.c --*/ /* Sets the packet list mode to MODE (i.e., whether we are dumping a diff --git a/g10/passphrase.c b/g10/passphrase.c index a498f627b..10574ec6a 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -317,6 +317,9 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, canceled = &dummy_canceled; *canceled = 0; + if (opt.no_symkey_cache) + nocache = 1; /* Force no symmtric key caching. */ + if ( !s2k ) { log_assert (create && !nocache); @@ -485,7 +488,7 @@ gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped) && pk->keyid[1] != pk->main_keyid[1]); algo_name = openpgp_pk_algo_name (pk->pubkey_algo); timestr = strtimestamp (pk->timestamp); - uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen); + uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen, NULL); orig_codeset = i18n_switchto_utf8 (); diff --git a/g10/pkclist.c b/g10/pkclist.c index 6ec5537f5..8b5d0422a 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -1149,7 +1149,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list) else { size_t n; - char *p = get_user_id (ctrl, keyid, &n ); + char *p = get_user_id (ctrl, keyid, &n, NULL); tty_print_utf8_string ( p, n ); xfree(p); } diff --git a/g10/revoke.c b/g10/revoke.c index 846523295..3a089725c 100644 --- a/g10/revoke.c +++ b/g10/revoke.c 
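Review bot: In `passphrase_to_dek` the override `if (opt.no_symkey_cache) nocache = 1;` sits directly above `log_assert (create && !nocache);`, so with `--no-symkey-cache` any call with `s2k == NULL` now trips the assertion even when the caller passed `nocache = 0`. Whether any caller still passes a NULL `s2k` is not visible here, but the assertion is about the caller's argument, so the override should be moved below the `if ( !s2k )` block. The new comment also has a typo, "symmtric". The function continues outside the hunk.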
@@ -571,7 +571,7 @@ gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce) kl = opt.keyid_format == KF_NONE? 0 : keystrlen (); - tmpstr = get_user_id (ctrl, keyid, &len); + tmpstr = get_user_id (ctrl, keyid, &len, NULL); es_fprintf (memfp, "uid%*s%.*s\n\n", kl + 10, "", (int)len, tmpstr); |